Summary: | <sys-kernel/gentoo-sources-4.4.19 are affected by CVE-2016-4913 and CVE-2016-3713 | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Pacho Ramos <pacho> |
Component: | Kernel | Assignee: | Gentoo Kernel Security <security-kernel> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | andrzej.pauli, kernel, limanski, marci_r |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 591810 | ||
Bug Blocks: |
Description
Pacho Ramos
2016-05-21 11:10:38 UTC
And the kernels before 4.4.14 are affected by CVE-2016-4997. (http://www.openwall.com/lists/oss-security/2016/06/24/5) I'm using 4.4.14 for a week on working laptop. No issues found comparing with current stable 4.4.6. Are there any blockers for this security bug? Well, there are many more security fixes since I reported this.. probably the best idea would be to stabilize 4.4.19 when it lands the tree 4.4.19 is in tree since yesterday. Regressions do happen, but very rarely at that stage of LTS, so I guess stabilising it is not unreasonable. I'm using 4.4.19 for a month on amd64. No issues comparing to 4.4.6 are observed. Fixes in by 4.7. |